Bring your own device (BYOD) may be bringing some headaches to companies. New research has found that 84 percent of employees use the same smartphone for work and pleasure, but just 53 percent said they had a pass code protecting that phone.
Employees, however, may not be solely to blame for potential security risks associated with BYOD. The research found that 49 percent of respondents said their information technology department had not discussed mobile or cybersecurity with them. Additionally, the same number of respondents, 37 percent, said their company had a security policy in place as did not. More than one-quarter of workers said they were unsure if their company had a policy in place.
Without education on the dangers of BYOD, workers are making several mistakes that can potentially lead to cyberattacks and security vulnerabilities. Six in 10 workers said they still write passwords down on a piece of paper while 36 percent of workers said they reuse the same password for different accounts.
Companies are not taking the necessary protection measures, despite the potential for security flaws to be exposed. More than half of the respondents said their company did not have the ability to wipe data from a phone if it is lost, while 28 percent said they were unsure if the company was able to remotely wipe data. Even more disturbing is the fact that workers are unsure of what to do if a device was lost. A majority of workers said they were not sure who to contact if they lost their phone, while 15 percent said they would call their service provider. Twenty-nine percent of workers said they would call their company in the event of losing their device.
"The BYOD trend is not slowing down, and while it has many benefits, it’s also introducing a number of new security risks that may be foreign to many companies," said Rick Dakin, CEO and chief security strategist with Coalfire, which conducted the research. "The results of this survey demonstrate that companies must do much more to protect their critical infrastructure as employees work from their own mobile devices, such as tablets and smartphones, in the workplace. Companies need to have security and education policies in place that protect company data on personal devices."
The information in this research was based on the responses of 400 individuals not working in IT. The research was conducted by Coalfire, an IT governance and risk and compliance services company.